What to do after a data leak


When faced with a data breach, victims are not always helpless and can take steps to prevent the situation from worsening, but it is always essential for them to act quickly, a leading expert has said.

When faced with a data breach, victims can take steps to prevent the situation from worsening, but it is always essential for them to act quickly. — Photo courtesy of congngheviet.com

When faced with a data breach, victims are not always helpless and can take steps to prevent the situation from worsening, but it is always essential for them to act quickly, a leading expert has said.

Yeo Siang Tiong, Kaspersky’s general manager for Southeast Asia, said, "Data breaches and data leakages are becoming increasingly commonplace these days, especially with increasing reliance on third-party suppliers – such as the recent breaches at an airline in Singapore, a major local telco and a security firm.

"With leaked information, hackers can impersonate the victims or deploy social engineering scams to trick victims into revealing sensitive login information, which is why it is not surprising that users will be concerned when faced with a potential case of data breach."

A security breach in one account potentially risks other accounts too, especially if passwords are shared or regular transactions are made between them, he said.

If a breach involves financial information, the victims need to notify banks and financial institutions where they have accounts and change the passwords, security questions and PIN codes for all accounts besides considering a credit freeze, he said.

They need to monitor their accounts for signs of any new activity and be on guard for other types of social engineering attacks, he warned.

For instance, if a criminal has accessed a hotel's accounts, they could ring customers asking for feedback on their recent stay, and, having established a relationship of trust, could offer a refund of some charges and ask for the customer's card number to make the transaction, he said.

If the call is convincing, most customers would probably not think twice about providing those details, he pointed out.

"With that said, prevention is always better than cure – and while no one is immune to a data breach or can prevent a third-party service provider from getting hacked, good cyberscecurity habits will make you less vulnerable and help survive a data breach with less disruption.

"To put things into perspective, if you would never leave the front door of your house open all day, think of your computer the same way. Keep your network access and your personal data tightly secured, and do not leave any opportunity for a hacker to get in through open windows or doors."

He also recommended some steps that people need to take to prevent data breaches, like using strong passwords and different passwords for different accounts, changing passwords regularly, backing up files, securing the computer and other devices by using anti-virus and anti-malware software, being careful about where they click, monitoring their bank statements and credit reports, and generally knowing the value of their personal information. — VNS

  • Share: